製品・ソフトウェアに関する情報

JVN脆弱性詳細

Microsoft Windows の win32k.sys における権限昇格の脆弱性

Title	Microsoft Windows の win32k.sys における権限昇格の脆弱性
Summary	Microsoft Windows の kernel-mode ドライバ内にある win32k.sys には、権限を取得される脆弱性が存在します。本脆弱性は、MS11-034 の Vulnerability Type 2 リスト上に掲載されている他の脆弱性とは異なる脆弱性です。
Possible impacts	ローカルユーザにより、巧妙に細工されたアプリケーションを介して、Null ポインタデリファレンスを誘発され、権限を取得される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	April 12, 2011, midnight
Registration Date	May 9, 2011, 12:06 p.m.
Last Update	May 9, 2011, 12:06 p.m.

CVSS2.0 : 危険
Score	7.2
Vector	AV:L/AC:L/Au:N/C:C/I:C/A:C

Affected System

マイクロソフト

Microsoft Windows 7 (x32)

Microsoft Windows 7 (x64)

Microsoft Windows Server 2003

Microsoft Windows Server 2003 (itanium)

Microsoft Windows Server 2003 (x64)

Microsoft Windows Server 2008 (itanium)

Microsoft Windows Server 2008 (x64)

Microsoft Windows Server 2008 (x86)

Microsoft Windows Server 2008 r2(itanium)

Microsoft Windows Server 2008 r2(x64)

Microsoft Windows Vista

Microsoft Windows Vista (x64)

Microsoft Windows XP (x64)

Microsoft Windows XP sp3

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2011-1229	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1229
National Vulnerability Database (NVD)
2	CVE-2011-1229	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1229

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-Other	https://www.ipa.go.jp/security/vuln/CWE.html#CWEOther

ベンダー情報

No	Name	URL
Microsoft Security Bulletin
1	MS11-034	http://www.microsoft.com/technet/security/bulletin/MS11-034.mspx
マイクロソフトセキュリティ情報
2	MS11-034	http://www.microsoft.com/japan/technet/security/bulletin/MS11-034.mspx
富士通セキュリティ情報
3	TA11-102A	http://software.fujitsu.com/jp/security/vulnerabilities/ta11-102a.html
絵でみるセキュリティ情報
4	MS11-034e	http://www.microsoft.com/japan/security/bulletins/MS11-034e.mspx

その他

No	Name	URL
ISS X-Force Database
1	66411	http://xforce.iss.net/xforce/xfdb/66411
JPCERT 緊急報告
2	JPCERT-AT-2011-0008	https://www.jpcert.or.jp/at/2011/at110008.txt
JVN
3	JVNTA11-102A	http://jvn.jp/cert/JVNTA11-102A
OPEN SOURCE VULNERABILITY DATABASE (OSVDB)
4	71735	http://osvdb.org/71735
Secunia Advisory
5	SA44156	http://secunia.com/advisories/44156
SecurityFocus
6	47229	http://www.securityfocus.com/bid/47229
SecurityTracker
7	1025345	http://www.securitytracker.com/id?1025345
US-CERT Cyber Security Alerts
8	SA11-102A	http://www.us-cert.gov/cas/alerts/SA11-102A.html
US-CERT Technical Cyber Security Alert
9	TA11-102A	http://www.us-cert.gov/cas/techalerts/TA11-102A.html
VUPEN Security
10	VUPEN/ADV-2011-0952	http://www.vupen.com/english/advisories/2011/0952
警察庁 @police
11	マイクロソフト社のセキュリティ修正プログラムについて(MS11-018,019,020,021,022,023,024,025,026,027,028,029,030,031,032,033,034)	http://www.npa.go.jp/cyberpolice/#topics

Change Log

No	Changed Details	Date of change
0	[2011年05月09日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2011-1229

Summary	win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, a different vulnerability than other "Vulnerability Type 2" CVEs listed in MS11-034, aka "Win32k Null Pointer De-reference Vulnerability."
Publication Date	April 14, 2011, 5:26 a.m.
Registration Date	Jan. 28, 2021, 4:38 p.m.
Last Update	Nov. 21, 2024, 10:25 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:o:microsoft:windows_xp:-:sp3::::::
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::x64:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::itanium:*
cpe:2.3:o:microsoft:windows_server_2008:-:::::::*
cpe:2.3:o:microsoft:windows_7:-:::::::*
cpe:2.3:o:microsoft:windows_2003_server:-:sp2::::::
cpe:2.3:o:microsoft:windows_vista:-:sp1::::::
cpe:2.3:o:microsoft:windows_server_2008:-:sp2::::::
cpe:2.3:o:microsoft:windows_7:-:sp1::::::
cpe:2.3:o:microsoft:windows_vista:-:sp2::::::
cpe:2.3:o:microsoft:windows_xp:-:sp2:::::x64:*
cpe:2.3:o:microsoft:windows_server_2008:r2::::::itanium:
cpe:2.3:o:microsoft:windows_server_2008:r2::::::x64:
cpe:2.3:o:microsoft:windows_vista:-:sp1:::::x64:*
cpe:2.3:o:microsoft:windows_server_2003:-:sp2::::::
cpe:2.3:o:microsoft:windows_vista:-:sp2:::::x64:*

Configuration2	or higher	or less	more than	less than
cpe:2.3:a:avaya:integrated_management::::::::
cpe:2.3:a:avaya:meeting_exchange::::::::	5.0.0	5.2.0
cpe:2.3:a:avaya:aura_conferencing_standard_edition:6.0.0:::::::*
cpe:2.3:a:avaya:communication_server_1000_telephony_manager::::::::	3.0.0	4.0.0
cpe:2.3:a:avaya:callpilot::::::::	4.0.x	5.0.x
cpe:2.3:a:avaya:messaging_application_server::::::::	4.0.x	5.2.x
cpe:2.3:a:avaya:web_messenger::::::::
cpe:2.3:a:avaya:visual_vector_client::::::::
cpe:2.3:a:avaya:unified_communication_center::::::::
cpe:2.3:a:avaya:speech_access::::::::
cpe:2.3:a:avaya:outbound_contact_management::::::::
cpe:2.3:a:avaya:operational_analyst::::::::
cpe:2.3:a:avaya:network_reporting::::::::
cpe:2.3:a:avaya:ip_softphone::::::::
cpe:2.3:a:avaya:ip_agent::::::::
cpe:2.3:a:avaya:interaction_center::::::::
cpe:2.3:a:avaya:enterprise_manager::::::::
cpe:2.3:a:avaya:customer_interaction_express::::::::
cpe:2.3:a:avaya:contact_center_express::::::::
cpe:2.3:a:avaya:computer_telephony::::::::
cpe:2.3:a:avaya:callvisor_asai_lan::::::::
cpe:2.3:a:avaya:call_management_server_supervisor::::::::
cpe:2.3:a:avaya:basic_call_management_system_reporting_desktop::::::::
cpe:2.3:a:avaya:agent_access::::::::
cpe:2.3:a:avaya:octelaccess_server::::::::
cpe:2.3:a:avaya:unified_messenger::::::::
cpe:2.3:a:avaya:vpnmanager_console::::::::
cpe:2.3:a:avaya:octeldesigner::::::::
cpe:2.3:a:avaya:visual_messenger::::::::

Related information, measures and tools

No	URL	タグ
1	http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx	Vendor Advisory
2	http://osvdb.org/71735	Broken Link
3	http://secunia.com/advisories/44156	Third Party Advisory
4	http://support.avaya.com/css/P8/documents/100133352	Third Party Advisory
5	http://www.securityfocus.com/bid/47229	Third Party Advisory VDB Entry
6	http://www.securitytracker.com/id?1025345	Third Party Advisory VDB Entry
7	http://www.us-cert.gov/cas/techalerts/TA11-102A.html	Third Party Advisory US Government Resource
8	http://www.vupen.com/english/advisories/2011/0952	Broken Link
9	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034	Patch Vendor Advisory
10	https://exchange.xforce.ibmcloud.com/vulnerabilities/66411	VDB Entry
11	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12503	Third Party Advisory
12	http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx	Vendor Advisory
13	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12503	Third Party Advisory
14	https://exchange.xforce.ibmcloud.com/vulnerabilities/66411	VDB Entry
15	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034	Patch Vendor Advisory
16	http://www.vupen.com/english/advisories/2011/0952	Broken Link
17	http://www.us-cert.gov/cas/techalerts/TA11-102A.html	Third Party Advisory US Government Resource
18	http://www.securitytracker.com/id?1025345	Third Party Advisory VDB Entry
19	http://www.securityfocus.com/bid/47229	Third Party Advisory VDB Entry
20	http://support.avaya.com/css/P8/documents/100133352	Third Party Advisory
21	http://secunia.com/advisories/44156	Third Party Advisory
22	http://osvdb.org/71735	Broken Link

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-476	NULL ポインタデリファレンス	https://cwe.mitre.org/data/definitions/476.html

Configuration1	or higher	or less	more than	less than
cpe:2.3:o:microsoft:windows_xp:-:sp3::::::
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::x64:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:::::itanium:*
cpe:2.3:o:microsoft:windows_server_2008:-:::::::*
cpe:2.3:o:microsoft:windows_7:-:::::::*
cpe:2.3:o:microsoft:windows_2003_server:-:sp2::::::
cpe:2.3:o:microsoft:windows_vista:-:sp1::::::
cpe:2.3:o:microsoft:windows_server_2008:-:sp2::::::
cpe:2.3:o:microsoft:windows_7:-:sp1::::::
cpe:2.3:o:microsoft:windows_vista:-:sp2::::::
cpe:2.3:o:microsoft:windows_xp:-:sp2:::::x64:*
cpe:2.3:o:microsoft:windows_server_2008:r2::::::itanium:
cpe:2.3:o:microsoft:windows_server_2008:r2::::::x64:
cpe:2.3:o:microsoft:windows_vista:-:sp1:::::x64:*
cpe:2.3:o:microsoft:windows_server_2003:-:sp2::::::
cpe:2.3:o:microsoft:windows_vista:-:sp2:::::x64:*

Configuration2	or higher	or less	more than	less than
cpe:2.3:a:avaya:integrated_management::::::::
cpe:2.3:a:avaya:meeting_exchange::::::::	5.0.0	5.2.0
cpe:2.3:a:avaya:aura_conferencing_standard_edition:6.0.0:::::::*
cpe:2.3:a:avaya:communication_server_1000_telephony_manager::::::::	3.0.0	4.0.0
cpe:2.3:a:avaya:callpilot::::::::	4.0.x	5.0.x
cpe:2.3:a:avaya:messaging_application_server::::::::	4.0.x	5.2.x
cpe:2.3:a:avaya:web_messenger::::::::
cpe:2.3:a:avaya:visual_vector_client::::::::
cpe:2.3:a:avaya:unified_communication_center::::::::
cpe:2.3:a:avaya:speech_access::::::::
cpe:2.3:a:avaya:outbound_contact_management::::::::
cpe:2.3:a:avaya:operational_analyst::::::::
cpe:2.3:a:avaya:network_reporting::::::::
cpe:2.3:a:avaya:ip_softphone::::::::
cpe:2.3:a:avaya:ip_agent::::::::
cpe:2.3:a:avaya:interaction_center::::::::
cpe:2.3:a:avaya:enterprise_manager::::::::
cpe:2.3:a:avaya:customer_interaction_express::::::::
cpe:2.3:a:avaya:contact_center_express::::::::
cpe:2.3:a:avaya:computer_telephony::::::::
cpe:2.3:a:avaya:callvisor_asai_lan::::::::
cpe:2.3:a:avaya:call_management_server_supervisor::::::::
cpe:2.3:a:avaya:basic_call_management_system_reporting_desktop::::::::
cpe:2.3:a:avaya:agent_access::::::::
cpe:2.3:a:avaya:octelaccess_server::::::::
cpe:2.3:a:avaya:unified_messenger::::::::
cpe:2.3:a:avaya:vpnmanager_console::::::::
cpe:2.3:a:avaya:octeldesigner::::::::
cpe:2.3:a:avaya:visual_messenger::::::::